CVE-2010-3756

IBM Tivoli Storage Manager FastBack 5.5.0.0-5.5.6.0 & 6.1.0.0-6.1.0.1 DoS via _CalcHashValueWithLength

Title source: llm
STIX 2.1

Description

The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service (daemon crash) by sending data over TCP. NOTE: this might overlap CVE-2010-3060.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514070/100/0/threaded
Various Sources x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21443820
Vendor Advisory vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883
Third Party Advisory x_refsource_misc
http://zerodayinitiative.com/advisories/ZDI-10-186/

Scores

EPSS 0.0142
EPSS Percentile 69.8%

Details

CWE
CWE-20
Status published
Products (10)
ibm/tivoli_storage_manager_fastback 5.5.0
ibm/tivoli_storage_manager_fastback 5.5.1
ibm/tivoli_storage_manager_fastback 5.5.2
ibm/tivoli_storage_manager_fastback 5.5.2.0
ibm/tivoli_storage_manager_fastback 5.5.3.0
ibm/tivoli_storage_manager_fastback 5.5.4.0
ibm/tivoli_storage_manager_fastback 5.5.5.0
ibm/tivoli_storage_manager_fastback 5.5.6.0
ibm/tivoli_storage_manager_fastback 6.1.0.0
ibm/tivoli_storage_manager_fastback 6.1.0.1
Published Oct 05, 2010
Tracked Since Feb 18, 2026